secuiry

November 28, 2024

Mitigation Instructions for CVE-2021-31207

SUBJECT: CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability TECH STACK: Microsoft Exchange Server 2013, 2016, and 2019.   DATE(S) ISSUED: 05/11/2021 CRITICALITY: HIGH OVERVIEW: CVE-2021-31207 is a vulnerability in Microsoft […]
November 28, 2024

Mitigation Instructions for CVE-2021-44832 (log4shell)

SUBJECT: Apache Log4j (also called Log4Shell) Vulnerability CVE-2021-44832 CRITICALITY: Extremely Critical. OVERVIEW:  On December 9, 2021, security researchers discovered a critical vulnerability in a widely  used, Java-based software […]
November 28, 2024

General Instructions for Upgrading Microsoft Exchange Server

Subject: Ensuring Email Security and Performance: Upgrading Microsoft Exchange Server Tech Stack: Microsoft Exchange Server (All Unsupported Versions) Overview: Upgrading to a supported version of Microsoft […]
November 28, 2024

Mitigation Instructions for PHP 8.2.x < 8.2.9 Multiple Vulnerabilities

Subject: Security Alert: Upgrading PHP to Version 8.2.9 or Later to Address Critical Vulnerabilities Risk Information: Overview: The PHP installation on the remote web server is […]
November 28, 2024

Mitigation Instructions for Microsoft Windows Server 2003 Unsupported Installation Detection

Microsoft Windows Server 2003 Unsupported Installation Detection Report for IT and Security Professionals Executive Summary This report addresses the critical risk associated with running Microsoft Windows […]
November 28, 2024

Mitigation Instructions for Microsoft Windows CVE-2024-21412

SUBJECT: Mitigate Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability (CVE-2024-21412) TECH STACK:  Microsoft Windows (all supported versions) DATE(S) ISSUED:  02/13/2024 NVD Last Modified: 02/14/2024 CRITICALITY: High (CVSS Score: […]
November 28, 2024

Mitigation Instructions for CVE-2023-44487

SUBJECT: CVE-2023-44487 Uncontrolled Resource Consumption TECH STACK:  DATE(S) ISSUED: 10/10/2023 NVD Last Modified: 02/02/2024 CRITICALITY: HIGH (CVE Base Score: 7.5) OVERVIEW:  This vulnerability affects the HTTP/2 Protocol, widely used […]
November 28, 2024

Mitigation Instructions for CVE-2022-31813

SUBJECT: CVE-2022-31813 IP based authentication bypass TECH STACK: Apache HTTP Server versions 2.4.0 through 2.4.55 DATE(S) ISSUED: 06/09/2022 NVD Last Modified: 08/19/2022 CRITICALITY: CRITICAL  OVERVIEW:  Apache HTTP Server 2.4.53 and […]
November 28, 2024

Mitigation Instructions for Microsoft SQL Server Unsupported Version Detection (remote check)

Subject: Microsoft SQL Server Unsupported Version Detection Tech Stack: Date Issued: Criticality: Overview: Attack Mechanisms: Affected Systems: Mitigation Solution: References:
November 28, 2024

Mitigation Instructions for CVE-2021-34523

SUBJECT: CVE-2021-34523 Microsoft Exchange Server Privilege Escalation Vulnerability TECH STACK: Microsoft Exchange Server versions 2013 through 2021.   DATE(S) ISSUED: 07/14/2021 CRITICALITY: HIGH OVERVIEW: CVE-2021-34523 is a privilege escalation vulnerability that […]